RADIUS Debug Enhancements

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for RADIUS Debug Enhancements" section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS softwareimage support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About RADIUS Debug Enhancements

To enable RADIUS Debug parameters, you should understand the following concepts:

•RADIUS Overview, page 2

•Benefits of RADIUS Debug Enhancements, page 3

RADIUS Overview

RADIUS is a distributed client/server system that provides the following functionality:

•Secures networks against unauthorized access.

•Enables authorization of specific service limits.

•Provides accounting information so that services can be billed.

In the Cisco implementation, RADIUS clients run on Cisco routers and send authentication requests to a central RADIUS server that contains all user authentication and network service access information.

Benefits of RADIUS Debug Enhancements

The debug radius command displays information associated with RADIUS. Prior to the RADIUS Debug Enhancements feature, debug radius output was available only in an expanded, hexadecimal string format, resulting in displays that were difficult to interpret and analyze. Moreover, attribute value displays were truncated, particularly for VSAs.

This feature provides enhanced RADIUS display including the following:

•Packet dump in a more readable, user-friendly ASCII format than before.

•Complete display of attribute values without truncation.

•Ability to select a brief RADIUS debug output display.

•Allows a compact debugging output option that is useful for high-traffic, operational environments.

RFCs

Technical Assistance

Description

Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

Feature Information for RADIUS Debug Enhancements

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS softwarerelease train. Unless noted otherwise, subsequent releases of that Cisco IOS softwarerelease train also support that feature.

Table 1 Feature Information for RADIUS Debug Enhancements

Feature Name

Releases

Feature Information

RADIUS Debug Enhancements

12.2(11)T

This feature provides enhancements to the existing functionality of RADIUS debug parameters.

Glossary

attribute—Form of information items provided by the X.500 Directory Service. The directory information base consists of entries, each containing one or more attributes. Each attribute consists of a type identifier together with one or more values.

IETF—Internet Engineering Task Force. Task force consisting of over 80 working groups responsible for developing Internet standards. The IETF operates under the auspices of ISOC.

VoIP—Voice over IP. The capability to carry normal telephony-style voice over an IP-based internet with POTS-like functionality, reliability, and voice quality. VoIP enables a router to carry voice traffic (for example, telephone calls and faxes) over an IP network. In VoIP, the DSP segments the voice signal into frames, which then are coupled in groups of two and stored in voice packets. These voice packets are transported using IP in compliance with ITU-T specification H.323.

VSA—vendor-specific attribute. An attribute that has been implemented by a particular vendor. It uses the attribute Vendor-Specific to encapsulate the resulting AV pair: essentially, Vendor-Specific = protocol:attribute = value.

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.